<?php
    class Register {
        // ATRIBUT
        public $database;
        public $session;

        // METHOD
        public function __construct($database,$session) {
            $this->database = $database;
            $this->session = $session;
        }

        public function  execRegistration($id_role,$username,$password,$fullname,$img_location,$birthdate,$join_date,$wall_role,$location) {
            // menghilangkan kemungkinan SQL Injection
            $fullname = mysql_escape_string($fullname);
            $username = mysql_real_escape_string($username);
            $password = mysql_real_escape_string($password);
            $birthdate = mysql_real_escape_string($birthdate);
            $location = mysql_real_escape_string($location);
            $fullname = stripslashes($fullname);
            $username = stripslashes($username);
            $password = stripslashes($password);
            $birthdate = stripslashes($birthdate);
            $location = stripslashes($location);
            $password = md5($password);

            $query =
            "INSERT INTO ".$this->database->t_user."(
                id_role,
                username,
                password,
                fullname,
                img_location,
                birthdate,
                join_date,
                wall_role,
                location
            ) VALUES (
                '".$id_role."',
                '".$username."',
                '".$password."',
                '".$fullname."',
                '".$img_location."',
                '".$birthdate."',
                '".$join_date."',
                '".$wall_role."',
                '".$location."'
            )";

            if ($this->database->execQuery($query)) {
                header("location:../index.php?ref=regSuccess");
            }
            else {
                header("location:../index.php?ref=regFailed");
                die();
            }
        }

    }
?>
